The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

If your IP address is listed by the XBL, see the XBL FAQs for solutions

Incorporates CBL data

XBL is a list of spam sources due to exploited computers or other devices. It
is mostly composed of--as well as the primary distribution zone
for--CBL data (www.abuseat.org). It may also include other lists of spam sources due to
exploited computers and other devices.

NJABL closing information

The NJABL has announced it is shutting down and is now serving an emtpy zone.
NJABL should not be queried by any system from now on, and accordingly has been removed from XBL.
For more information, please visit http://www.njabl.org/

XBL Usage

The Exploits Block List can be used by all modern mail servers, by setting your mail server's anti-spam DNSBL feature (sometimes called "Blacklist DNS Servers" or "RBL servers") to query xbl.spamhaus.org. XBL is also part of a combined DNSBL comprising SBL, XBL and PBL, see: ZEN

Mail servers already using cbl.abuseat.org should NOT also use xbl.spamhaus.org or you will be making 'double' queries to basically the same data source and only one DNSBL will appear to work (the other(s) will appear to not catch anything).